Centos7 Nginx mod_security - unknown directive "ModSecurityEnabled"

Question

installed nginx / nginx-module-security / libmodsecurity by yum.

Founded at: /usr/lib64/nginx/modules/ngx_http_modsecurity_module.so

nginx.conf:

    user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

load_module /usr/lib64/nginx/modules/ngx_http_modsecurity_module.so;    

events {

    worker_connections 1024;

}

http {

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/services/*.conf;

}

try at VHOST:

location / {
            ModSecurityEnabled on;
            ModSecurityConfig /etc/nginx/modsec_includes.conf;
...

service nginx restart, error, systemctl status nginx.service:

nginx: [emerg] unknown directive "ModSecurityEnabled" in {location path}

What's problem and how resolve it ?

Danila Vershinin · Answer 1 · 2019-02-27T18:25:12.443

If you installed the module via yum from this repo, it instructed you where you can find documentation, e.g.:

----------------------------------------------------------------------

The security dynamic module for nginx has been installed.
To enable this module, add the following to /etc/nginx/nginx.conf
and reload nginx:

    load_module modules/ngx_http_modsecurity_module.so;

Please refer to the module documentation for further details:
https://github.com/SpiderLabs/ModSecurity-nginx

----------------------------------------------------------------------

If you follow this link, you'll learn that the new Modsecurity module has different configuration directives in comparison to v2.

So:

server {
    modsecurity on;
    location / {
        root /var/www/html;
        modsecurity_rules_file /etc/my_modsecurity_rules.conf;
    }
}

Centos7 Nginx mod_security - unknown directive "ModSecurityEnabled"

1 Answers1